cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Helper I
Helper I

Protecting Data Source

Hi all,

 

Having just designed an app to collect commission claims for sales people, I think I may have just come totally unstuck at the end of publishing it.

 

Having shared the app with the end users, it also needs the source file (Excel) shared which in hindsight makes sense BUT....

 

This data would be confidential i.e sales people logging commission claims. Even if you share the Excel (OneDrive for Business) and get it not to send any links, they would still only need to view 'files shared with me' and they would have access to all the data.

 

This must be a common problem i.e not wanting an end user of an app to be able to go and access the source data, interfere with it  or often not see all of it when it may not all be about them?

 

Does anyone have any ideas on any workaround? Was wondering if granting access to the Excel file but password protecting or anything in Excel that could have the table on a tab that users can't see?

 

It seems a massive oversight in terms of security and auditing to go to the length of building an app to collect data and then for anyone who has access to the app to have to have full edit access to the source data when all they have been given in the app is an add form.

 

Even if them seeing all the data wasn't a problem (it is for me), why would you want to allow them to be able to edit the source when you have spent ages building an app that often would have validation in it e.g pick from a drop down list then a user can edit the source and add something that shouldn't be there or manipulate a calculated field

 

Am I missing something here? This is my first app and have loved everything it has been able to do and had several more ideas for future apps but instantly all undone and worthless if an end user can just go and grab / see / edit the data file.

 

 

5 REPLIES 5
Highlighted
Super User III
Super User III

Hi @richrich123 ,

I have a similar issue, but it is quite easily overcome by planting a folder somewhere in your OneDrive and sharing without sending emails. You need 

  1. Manage Access (from three dot menu)
  2. Advanced - at the bottom
  3. Grant Permissions (at top)
  4. Show Options (at bottom) then uncheck email send

The users do not know where the file and unless they have the URL and cannot navigate to it as it is not their OneDrive.

 

Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.

Highlighted

Hi @WarrenBelz,

I did look at that and while not sending the email is a help, as this is an Excel data source for example, if a user went to Excel > File > Open > 'Shared with me' they will see it there along with every other file they have shared access to.

 

As a business, we would often share Excel files that are being worked on by teams / groups so it would be normal for people to do the above and no doubt at some point spot it. In this case, its not so much someone editing (I know they wouldn't) its that fact one can see the others confidential commission figures which was the reason for building the app (and the app works amazingly to validate and log claims, filtered by user and their personal percentages etc). 

 

Im just amazed this is even a problem that exists (found hundreds of posts of people flagging the same thing). How has MS never resolved this with an option for Powerapps to have permission to access the file, not the actual users. No app anywhere else would ever provide the user with mandatory access to the interfere with the an app or programs source data.

 

Really disappointing and several other ideas I had for Powerapps are not redundant as none would be viable if the app user can access the data. Just gobsmacked that such a powerful and impressive piece of technology it totally undermined and in this case rendered useless by such a simple thing.

Highlighted

Hi @richrich123 ,

I just tried  Excel > File > Open > 'Shared with me' and did not see any files, even though I have several shared by the method outlined (the OneDrive storage is one a Service Account and shared back to a number of accounts including mine)

It might be worth testing this. Bear in mind this is not a Share in the normal way - also I grant access to the folder, not the file.

 

Highlighted

Hi @WarrenBelz,

 

Just excitedly created a new Excel test file, shared it via your suggested method. Got the user to go to Excel > File > Open > "shared with me" and there it is in their list, they can see and open it. 😔

Highlighted

Ok @richrich123 ,

Thanks for the information.

Strange I get a different result. The other thing I guess is I have mainly field users who use iPads and no one in the office has discovered this. I will test with another office user.

Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

News & Announcements

Community Blog

Stay up tp date on the latest blogs and activities in the community News & Announcements.

secondImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

Community Highlights

Community Highlights

Check out the Power Platform Community Highlights

Top Solution Authors
Top Kudoed Authors
Users online (7,883)